FortiGate
HiralShah
Staff
Article Id 297377
Description

This article describes how to resolve a 403 Forbidden error that appears when accessing the VPN in web mode while SSL VPN is configured with SAML authentication.

Scope

FortiGate.
Solution

When configured with SAML authentication, SSL VPN web mode returns the error shown below.

 

Picture1.png

 

  1. Make sure web-mode is enabled in the SSL VPN portal:

 

config vpn ssl web portal
    edit "full-access"
        set web-mode enable

 

Warning: Please note that the legacy SSL VPN web mode feature is disabled by the global sslvpn-web-mode setting.

 

Picture2.png

 

  2. As the warning indicates, web mode is disabled globally, so it cannot be enabled in the full-access portal directly.

    Enable web mode globally first:

    config system global
        set sslvpn-web-mode enable
    end

     

After web mode is enabled globally, enable it for the specific portals by running the commands shown in step 1. SSL VPN web mode should then work as expected.
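To check a saved configuration for the mismatch described above, the following Python script parses a configuration backup and reports, for each SSL VPN portal, whether web mode is enabled on the portal and in the global setting. It is an added example, not Fortinet code; the sample configuration is constructed, and treating a missing set line as "not enabled" is an assumption.

```python
# Constructed sample in the style of a FortiGate configuration backup (not from the article).
SAMPLE_CONFIG = """\
config system global
    set sslvpn-web-mode disable
end
config vpn ssl web portal
    edit "full-access"
    next
    edit "web-access"
        set web-mode enable
    next
end
"""
PORTAL = ["vpn ssl web portal"]

def parse_web_mode(config_text):
    """Return (global sslvpn-web-mode, {portal: web-mode}); None means no 'set' line."""
    global_setting, portals, stack, portal = None, {}, [], None
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            stack.append(line[len("config "):])  # track nesting so sub-tables are ignored
        elif line == "end" and stack:
            stack.pop()
        elif line.startswith("edit ") and stack == PORTAL:
            portal = line[5:].strip().strip('"')
            portals[portal] = None
        elif line.startswith("set "):
            key, _, value = line[4:].partition(" ")
            if stack == ["system global"] and key == "sslvpn-web-mode":
                global_setting = value.strip()
            elif stack == PORTAL and portal and key == "web-mode":
                portals[portal] = value.strip()
    return global_setting, portals

def web_mode_report(config_text):
    """Per-portal finding; assumes a missing 'set' line means the setting is not enabled."""
    global_setting, portals = parse_web_mode(config_text)
    report = {}
    for name, mode in portals.items():
        if mode != "enable":
            report[name] = "web-mode not enabled on portal"
        elif global_setting != "enable":
            report[name] = "blocked: global sslvpn-web-mode is not enabled"
        else:
            report[name] = "web mode available"
    return report
if __name__ == "__main__":
    print(web_mode_report(SAMPLE_CONFIG))
```

A backup may omit settings that are at their default value, so a portal reported as not enabled should be confirmed on the device before concluding that the setting is off.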

 

If the issue persists, contact the TAC team.